PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability - CVE-2016-1283

The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles the /((:F(:((R)aquot)99-))(J)(39R39(39R39lt((39RR39(39R39)97)J)J)(39R39(39R39)99(:((39R39)(k39R39)((39R39)))H39R39R)(H39R))))))/ pattern and related patterns with named subgroups which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression as demonstrated by a JavaScript RegExp object encountered by Konqueror.